there's some interesting stuff in this article about how coders often don't recognize that they're fixing a security vulnerability at the time they fix it: https://medium.com/@shnatsel/how-rusts-standard-library-was-vulnerable-for-years-and-nobody-noticed-aebf0503c3d6
unfortunately, the author is full of themselves, with that all-too-common coderbro attitude of "anyone who doesn't have the exact subset of knowledge that i have, is an idiot, probably maliciously so"
@robey I can't bring myself to read it. How many times does he say "just"?
@robey haha I enjoyed this quote:
"There is a highly effective technique for discovering vulnerabilities [...] searching the bug tracker."